[issue13856] xmlrpc / httplib changes to allow for certificate verification

2016-09-08 Thread Christian Heimes
Christian Heimes added the comment: xmlrpc.client.SafeTransport() accepts a context object. You can pass a SSLContext in to perform cert validation and even client cert auth. -- resolution: -> out of date status: open -> closed ___ Python tracker <

[issue13856] xmlrpc / httplib changes to allow for certificate verification

2014-03-21 Thread Jakub Wilk
Changes by Jakub Wilk : -- nosy: +jwilk ___ Python tracker ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org

[issue13856] xmlrpc / httplib changes to allow for certificate verification

2013-07-08 Thread Christian Heimes
Changes by Christian Heimes : -- nosy: +christian.heimes versions: +Python 3.4 -Python 3.3 ___ Python tracker ___ ___ Python-bugs-list

[issue13856] xmlrpc / httplib changes to allow for certificate verification

2012-02-02 Thread Antoine Pitrou
Antoine Pitrou added the comment: > For this issue, modifying the xmlrpc.client to support ssl context and > making a HTTPConnection with context object is present may be way to > go. xmlrpc is higher level than http.client, so you might also adopt the urllib approach of passing ca_file and ca_

[issue13856] xmlrpc / httplib changes to allow for certificate verification

2012-02-02 Thread Senthil Kumaran
Senthil Kumaran added the comment: I am sorry. I see that with context object in 3.x, verification is being done. The CA certs can be pointed to using load_verify_locations. As the author had in this patc tothe pass on addition ca_certs and ca_reqs to wrap_socket in ssl from httplib2. I thou

[issue13856] xmlrpc / httplib changes to allow for certificate verification

2012-01-30 Thread Martin v . Löwis
Martin v. Löwis added the comment: > I think, I was using wrong terminology, by 'sending' I meant, 'using' the > ca_file in the client to verify Server's certificates. Then I still don't understand your remarks. You said "is there any reason for the clients in the stdlib are not carrying a ca_

[issue13856] xmlrpc / httplib changes to allow for certificate verification

2012-01-29 Thread Senthil Kumaran
Senthil Kumaran added the comment: I think, I was using wrong terminology, by 'sending' I meant, 'using' the ca_file in the client to verify Server's certificates. -- ___ Python tracker __

[issue13856] xmlrpc / httplib changes to allow for certificate verification

2012-01-29 Thread Martin v . Löwis
Martin v. Löwis added the comment: > By that I mean, sending the ca_file and cert_reqs from the client, > which I believe would be required if you want to verify the server > certificate from the client end [1]. The other clients send only > the cert_file and the key_file. Ah, you are probably

[issue13856] xmlrpc / httplib changes to allow for certificate verification

2012-01-29 Thread Senthil Kumaran
Senthil Kumaran added the comment: On Sun, Jan 29, 2012 at 10:30:45PM +, Antoine Pitrou wrote: > > Well, if you are a security expert you can volunteer to maintain a > trusted certificates' file in the Python repository :) I think > nobody else amongst us is qualified. :-) haha. Neither am

[issue13856] xmlrpc / httplib changes to allow for certificate verification

2012-01-29 Thread Senthil Kumaran
Senthil Kumaran added the comment: On Sun, Jan 29, 2012 at 10:48:35PM +, Martin v. Löwis wrote: > orsenthil: I don't fully understand your question (what kind of "carrying" > should the clients do); By that I mean, sending the ca_file and cert_reqs from the client, which I believe would b

[issue13856] xmlrpc / httplib changes to allow for certificate verification

2012-01-29 Thread Martin v . Löwis
Martin v. Löwis added the comment: For 3.x, xmlrpc.client should just pass-through the SSL context. Since the code to do so will be quite different from the current patch, I'm tempted to close this issue as rejected, unless Nathanael indicates that he would like to redo the patch for 3.x; thi

[issue13856] xmlrpc / httplib changes to allow for certificate verification

2012-01-29 Thread Antoine Pitrou
Antoine Pitrou added the comment: > Antoine - I fail to recollect, but is there any reason for the clients > in the stdlib are not carrying a ca_file and doing a certificate > validation of the server connection? Well, if you are a security expert you can volunteer to maintain a trusted certi

[issue13856] xmlrpc / httplib changes to allow for certificate verification

2012-01-29 Thread Senthil Kumaran
Senthil Kumaran added the comment: Thanks for submitting the patch. Couple of comments. 1. This is a new feature, so the patch should be addressed against 3.x. 2. The patch lacks tests and documentation and hence it is not complete. You could take a look at http/client.py or ssl.py (with test

[issue13856] xmlrpc / httplib changes to allow for certificate verification

2012-01-25 Thread Senthil Kumaran
Changes by Senthil Kumaran : -- nosy: +orsenthil ___ Python tracker ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.py

[issue13856] xmlrpc / httplib changes to allow for certificate verification

2012-01-24 Thread Nathanael Noblet
New submission from Nathanael Noblet : If I wanted to create a HTTPS connection to a xmlrpc server *and* validate its certificate, I need to override the HTTPSConnection and SafeTransport objects. However it seems like they could easily support both methods. At least it seems to work both ways